WINspect – Powershell-based Windows Security Auditing Toolbox

WINspect is part of a larger project for auditing different areas of Windows environments. It focuses on enumerating different parts of a Windows machine aiming to identify security weaknesses and point to components that need further hardening. The main targets for the current version are domain-joined windows machines. However, some of the functions still apply for standalone workstations.

Features

This current version of the script supports the following features :

Checking for installed security products.

Enumerating World Exposed local filesystem shares.

Enumerating domain users and groups with local group membership.

Enumerating registry autoruns.

Enumerating local services that are configurable by Authenticated Users group members.

Enumerating local services for which corresponding binary is writable by Authenticated Users group members.